Vulnerabilities > Simple College Website Project

DATE CVE VULNERABILITY TITLE RISK
2022-09-22 CVE-2022-40087 Unrestricted Upload of File with Dangerous Type vulnerability in Simple College Website Project Simple College Website 1.0
Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function file_put_contents().
network
low complexity
simple-college-website-project CWE-434
critical
 9.8
9.8
2022-09-22 CVE-2022-40088 Cross-site Scripting vulnerability in Simple College Website Project Simple College Website 1.0
Simple College Website v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /college_website/index.php?page=.
network
low complexity
simple-college-website-project CWE-79
6.1
6.1
2022-09-22 CVE-2022-40089 Unspecified vulnerability in Simple College Website Project Simple College Website 1.0
A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file.
network
low complexity
simple-college-website-project
critical
 9.8
9.8
2022-01-21 CVE-2021-44593 SQL Injection vulnerability in Simple College Website Project Simple College Website 1.0
Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution via UNION-based SQL injection in the username parameter on /admin/login.php.
network
high complexity
simple-college-website-project CWE-89
8.1
8.1
2021-07-22 CVE-2021-26232 SQL Injection vulnerability in Simple College Website Project Simple College Website 1.0
SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php.
network
low complexity
simple-college-website-project CWE-89
critical
 9.8
9.8